Nulog 1.2.14

Nulog is a PHP interface for the MySQL plugin for the ulogd netfilter log daemon and for NuFW SQL logging.
Nulog is a firewall log analysis interface written in php. Netfilter is able to log selected packets directly in a database like MySQL or PostgreSQL.

Nulog uses this interface to display security events in real-time on a user-friendly interface.

Here are some key features of "Nulog":

· show the last hosts that sent packets that got blocked by your firewall.
· show the last ports that hosts tried to open.
· search for packets logged from an host.
· search for packets logged for a given port.
· search for packets logged for a given user.

Installation

Settings up the database

To use it, create a mysql database ulogd, tape as root :

mysqladmin create ulogd

Next, populate the database using ulogd.mysqldump :

cat ulogd.mysqldump | mysql -u USER -p ulogd

Put your user and password in include/require.inc.

Note

The database is not the standard mysql database for ulogd. It add a few tables and indexes to have thing work fast.

Settings up netfilter

If you don�t use EdenWall or NuFW, you need to configure your netfilter installation.

Now you can log into the database. To log bad packet you have to use use ULOG

iptables -A FORWARD -j ULOG --ulog-nlgroup 1 --ulog-prefix "badif"

What's New in This Release:

· This release can use MySQL triggers instead of PHP code to compute statistical data.

last updated on:
August 3rd, 2007, 14:35 GMT
price:
FREE!
developed by:
INL
homepage:
www.inl.fr
license type:
GPL (GNU General Public License) 
category:
ROOT \ System \ Networking

FREE!

In a hurry? Add it to your Download Basket!

user rating 11

2.7/5
 

0/5

1 Screenshot
Nulog

Add your review!

SUBMIT